Sophos Osx



Sophos have provided a Mac version of their Anti-Virus software for a long time and, uniquely, also used to provide a Mac tool for running an internal corporate deployment and update service for it.



This tool was called 'Sophos Update Manager' (SUM), and it did two things. Firstly, it let you build a pre-configured installer package which included the settings telling Mac clients how to get updates. Secondly, it automatically updated this installer and folder, and also put new anti-virus definitions in this folder.


You would therefore normally have this folder on a Mac file server and have the installer package and hence client Macs configured to get updates from this folder. You could also define Sophos' own servers as the backup - secondary source for updates.
This solution was therefore comparable with Sophos' own Windows tools (in the past Sophos Library Manager, now Sophos Enterprise Console), and also comparable with equivalent Windows-only tools from McAfee and Symantec. The big difference is that no-one else makes a similar Mac tool for Mac-only environments.
In more recent times Sophos have failed to update SUM, and officially it only runs on OS X 10.7 (Lion) or older. It did, however, continue to be able to distribute updates for Sophos Anti-Virus 8 for Macs even if client Macs were running Mountain Lion. However, not only does SAV8 not officially support running on OS X 10.9 (Mavericks), SAV8 is also due to be discontinued in April 2014.
It is therefore necessary to move all Macs to SAV9 by April 2014.
SUM does not support SAV9, and so far Sophos have shown no interest in providing an updated version. Sophos do provide a standalone installer for SAV9 which will, if needed, automatically uninstall SAV8 and replace it with SAV9, and this installer can be pre-configured with the credentials needed to get updates directly from Sophos' servers.


See http://www.sophos.com/en-us/support/knowledgebase/119744.aspx
You might think therefore that all one needs to do is download the standalone SAV9 installer, pre-configure it as per the above article and then deploy it to all your Macs. Unfortunately the standalone SAV9 installer is not a standard Apple installer type package; it is an application that itself does the installation. This means it cannot be deployed using standard Apple administration tools like Apple Remote Desktop, Casper, or Munki. All these tools will merely see it as an application and at best just copy it to a client Mac's Applications folder, where it will just sit and do nothing.
As a reminder, the SAV8 installer was a standard installer package and after being configured using SUM could be deployed using standard Mac tools.
What was really annoying is that as someone who has also managed both Windows only and mixed environments with Sophos I happen to know that SAV9 when managed by Sophos Enterprise Console on a Windows server does still come as a standard Apple installer package.
Sophos technical support were not a lot of help regarding this and frankly seem pretty clueless about how Mac software is deployed in an enterprise environment. They suggested switching to Sophos Cloud. Sophos Cloud can be thought of as being a cloud based version of Sophos Enterprise Console in that it lets you manage settings and view the status of the client computers running Sophos Anti-Virus, and unlike the Sophos Enterprise Console can be accessed via a web-browser on a Mac. However the client installer used with Sophos Cloud for Mac is still the same custom application and not a standard Apple installer package, as such it still cannot be deployed using standard Mac administration tools.
As an aside the free home edition of Sophos Anti-Virus for Mac is also based on the same custom application.

So at this point there were only two official options. One was to buy a Windows Server just so you could run Sophos Enterprise Console, something that would have cost a fortune even if you ran it in a virtual machine, as you would have to buy not only Windows Server but also all the Client Access Licenses for all your Macs. The other was to go round each and every Mac client and manually run the standalone installer application, with the huge administrative overhead this entails and the frequent difficulty of getting access to machines.
Clearly this had moved Sophos from being by far the most friendly Mac solution thanks to SUM, to being actually worse than most since at least McAfee with their ePO system use standard Apple installer packages.
I raised this issue in some user forums including here https://jamfnation.jamfsoftware.com/discussion.html?id=9785 and also pursued this matter directly with another contact I had at Sophos. Via that contact I was able to find out that hidden inside the Sophos standalone installer application was a command line tool called InstallationDeployer and that this tool could be scripted and run via a standard Unix shell script. With this information which is still not on the Sophos website now listed at http://www.sophos.com/en-us/support/knowledgebase/14179.aspx, it then immediately became obvious that it would be possible to build an Apple installer package containing the Sophos standalone installer application and a post-install script which would automate running the Sophos standalone installer.
After updating the above forum with this information I had started building such an installer package, but Richard Trouton beat me to it and to be honest his solution is cleaner than the one I was building. Richard has written this up here http://derflounder.wordpress.com/2014/02/20/deploying-sophos-anti-virus-for-mac-os-x-9-x/. However, Richard's script only works with the free home edition of Sophos Anti-Virus for Mac, which would have been the only version he had access to. I have therefore taken his script and enhanced it so that it works for both the free home edition and also the paid-for official SAV9 standalone installer.
Update - SAV 9.2.x now stores the auto-update credentials outside the Sophos installer application in a separate folder. This means I had to modify my script to copy both the installer application and this folder. I did this by putting both the Sophos installer and their settings folder inside another folder. This folder (of both items) gets copied to the client Mac, and my script looks inside the folder and then inside the Sophos installer to find and run the Sophos command-line tool to do the actual installation. If you look at my further updated script you will see the name of the folder that you must use; otherwise you need to modify my script to use the name of the folder you have chosen.



My updated version of the script can be accessed here http://pastebin.com/uRT2VMw9
My further updated version of the script which now supports SAV 9.2.x is here http://pastebin.com/0EYi7V4c



Note: The free home edition is not authorised for business use, only for home use.
So if you have no Windows server and need to mass deploy Sophos Anti-Virus 9 for Mac the best solution is as follows.
  1. Download the SAV9 standalone installer
  2. Pre-configure it with your Sophos update credentials as per the Sophos article
  3. Convert it to an Apple installer package as per Richard's article but with my version of his script
  4. Deploy it using your favourite tool - ARD, Casper, Munki, or other
You don't need to keep building new versions of the installer as once installed the client Macs will then update themselves directly from the Sophos servers.
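
The post-install step of such a wrapper package, as an added example that is neither the author's nor Richard's script: it finds InstallationDeployer inside the staged installer application, refuses to run it if the staged copy is world-writable (package scripts run as root), and removes the staged copy afterwards. The staging path and function names are hypothetical, and `--install` is assumed to be the argument given in the Sophos knowledgebase article linked above.

```shell
#!/bin/sh
# Added example, not the author's script. STAGE_DIR is a hypothetical path that
# the package payload is assumed to copy the Sophos installer application
# (and, for 9.2.x, its settings folder) into.
STAGE_DIR="${STAGE_DIR:-/private/tmp/sophos_stage}"

# Print the path of InstallationDeployer inside the staged installer bundle.
find_deployer() {
    find "$1" -type f -name InstallationDeployer -path '*.app/*' 2>/dev/null | head -n 1
}

# Succeed only if the staged tree exists and nothing in it is world-writable:
# postinstall runs as root, so it must not execute a file any user can modify.
tree_is_locked_down() {
    [ -d "$1" ] && [ -z "$(find "$1" ! -type l -perm -0002 2>/dev/null | head -n 1)" ]
}

# Run the Sophos command-line installer and return its exit status.
# "--install" is assumed to be the argument the Sophos KB article gives.
deploy_sophos() {
    stage="$1"
    tree_is_locked_down "$stage" || { echo "unsafe or missing: $stage" >&2; return 2; }
    tool="$(find_deployer "$stage")"
    if [ -z "$tool" ] || [ ! -x "$tool" ]; then
        echo "InstallationDeployer not found in $stage" >&2
        return 3
    fi
    rc=0
    "$tool" --install || rc=$?
    # The staged copy can hold update credentials; remove it once installed.
    if [ "$rc" -eq 0 ]; then rm -rf -- "$stage"; fi
    return "$rc"
}

# The installer runs this file under the name "postinstall"; act only then.
case "$0" in
    postinstall|*/postinstall) deploy_sophos "$STAGE_DIR"; exit $? ;;
esac
```

A non-zero exit from the script makes the package install report failure, so a missing or tampered staging folder shows up in the deployment tool rather than passing silently.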